One of your dependency files is conclusively malware. I have a hard time believing this is unintentional.
|
|
|
Look into upgrading to MyFaucet v0.13 - a few new features (I can see you've already implemented the balance check!).
|
|
|
The demo loan application fee has been reduced to 0.02 BTC, inline with the rises in the btcusd price.
I sent 1btc from my inputs.io wallet to CL directly from CL, but I dont see the coins at all, already sent support email, please help... My inputs.io wallet email is different from coinlenders email, are we not supposed to do that? Resolved.
|
|
|
New authorization requests will prompt you to click to authorize. Previously, an attacker could trick you into visiting a malicious URL that iframed or embedded an image that's the same as an authorization key they want you to click.
|
|
|
On a related note during my "security audit" I noticed there was also an IP filter on inputs.io. I found out that it can be circumvented by tricking the account owner into visiting a site with some simple JS that takes advantage of an old DNS rebinding attack and allows me to essentially use their browser as a proxy to access inputs.io or any other website of my choosing.
Thanks for the report, this has been patched
|
|
|
The cause of the downtime is malicious. There has been no compromise of any database, data, or code - they couldn't have been accessed by the malicious party (and so is other projects like Inputs.io and CL)
After talking with whiskers75, I suspect that the same individual was responsible. It was carried out through social engineering (different) hosting providers.
Sorry for the downtime - I hope to have coinchat back before Monday.
|
|
|
Ask people to upgrade to my faucet 0.13 which shows the balance.
|
|
|
Hey TF, do we get paid after the month or at the beginning of being enrolled?
At the end.
|
|
|
Very disappointed. Logged in today, and didnt even need my 2FA. I chose inputs because of the security, and now youre just disabling part of it without asking anyone. Is this a bug? I put in my username and pass, it took me to the GPG screen and logged me in. Not cool.
Hi, For 2FA and GPG to have any improvement in security, the machine you decrypt the GPG text from must be different from the machine you're signing in from. Unless you were decrypting on an airgapped machine, there's pretty much no change security wise, except that it's more convenient. We want as many users taking advantage of 2FA (OTP or GPG) as possible. There's also going to be another innovative security measure coming soon.
|
|
|
Starting today (1st October). Included inputs.io username too for double payment.
Paid up to here
|
|
|
How was whiskers & whiskchat hacked?
|
|
|
Leave him a negative trust rating?
|
|
|
The demo loan application fee has been reduced to 0.02 BTC, inline with the rises in the btcusd price.
|
|
|
The forum is run in a very 'libertarian' way. There's no formal vendor verification process, although you need to focus on providing enough information for the average user to trust you. If you already have an existing offline business, I don't think you'll have issues with people screaming scam.
|
|
|
First liquidation payment (primarily JD along with some other assets): 0.08684 BTC paid out per share. If you haven't claimed yet, the amount will be credited once you claim.
Currently, I expect each BTCINVEST btcinvest share will receive ~0.16 BTC in total. Of course, there will be a full report.
|
|
|
Of course we do ...and we don't even ask for a note from your mum saying it's ok. LOL Try out :candy: on coinchat!
|
|
|
I'm pretty sure *less* people are going to loan to you now.
|
|
|
|